Alternate Install Option

After running the configuration, do the following:

• Modify conf/webserver.properties. Change port 7443 to 443
• Add the following lines to *-myadito.conf after ServerAlias and save:

redirect permanent / https://myadito:443

• Restart httpd
• Run ant start
• https://myadito or myadito will allow access

To create certificate used by Apache and Adito, accomplish the following:

• openssl genrsa -out server.key 1024
• openssl req -new -key server.key -x509 -days 1000 -out server.crt
• openssl pkcs12 -export -in server.crt -inkey server.key -out server.p12 -name "adito"
  • Password required for PKCS12, must be at least 6 in length
• When doing adito config, import instead of creating a new cert.
  • Set type to PKCS12
  • Password will be one chosen above for cert
  • Name or alias is adito

This will ensure apache and adito use the same cert. Not sure if type matters, X.509 or PKCS12.

root

• yum -y install ant mod_ssl java-1.6.0-openjdk-devel
• export JAVA_HOME=/usr/lib/jvm/jre-1.6.0-openjdk
• create a webapp (myadito)
• cd /var/hda/web-apps/myadito
• chmod -R 777 .

user

• wget http://superb-east.dl.sourceforge.net/sourceforge/adito/adito-0.9.1-bin.tar.gz
• tar -xf adito-0.9.1-bin.tar.gz
• mv adito-0.9.1/ server/
• cd server/
• ant install
• run the configuration at http://hda:28080/
• do not configure https or 443 - try 7443 and http only
• once done: ant start
• the server should start - at http://hda:7443

• then try to make a proxy to it:

root

• in the /etc/httpd/conf.d/*-myadito.conf file, add:

       ProxyPass / http://localhost:7443/
       ProxyPassReverse / http://localhost:7443/

• then service httpd restart
• that should work as http ONLY

for https traffic from the net to apache:

• yum install -y mod_ssl
• change port of the virtualhost to 443

options to play with:

       SSLProxyEngine On
       ProxyRemote https://myadito:443/ https://localhost:7443/

       ProxyRequests Off
       ProxyPreserveHost Off

       ProxyPass / https://localhost:7443/
       ProxyPassReverse / https://localhost:7443/

not all of them at the same time!!

old:

• create a webapp (my-adito)
• cd to it (cd /var/hda/web-apps/my-adito/
• chmod -R 777 .
• wget http://superb-east.dl.sourceforge.net/sourceforge/adito/adito-0.9.1-bin.tar.gz
• tar -xjf adito-0.9.1-bin.tar.gz
• mv adito-0.9.1/ server/
• cd into server
• cp conf/wrapper.conf.base conf/wrapper.conf
• copy a valid, pre-configured database set of files to the db/ dir
• chmod 777 install/platforms/linux/x86-64/wrapper
• ./install/platforms/linux/x86-64/wrapper /var/hda/web-apps/myadito/server/conf/wrapper.conf wrapper.pidfile=my.pid wrapper.daemonize=FALSE

some guide for f10:

http://www.extrahip.net/node/17

Summary of Manual Install

• Concept: Adito requires Apache Ant to install and root access. The intent is to find a way to patch the source and do everything at the user level. In order to make this a one-click install, the patch would include predefined admin and links pertinent to the Amahi HDA.

• I did an actual install on a VirtualBox F10 32-bit VM with Amahi. As root, I did an install, activated the service, and logged in once to ensure everything worked (see http://wiki.amahi.org/index.php/adito). Once finished, stopped the service and compared the install version with the original source version. Files that were different are listed below:

server/conf: default.keystore.jks
server/conf/prefs/system/extensions: prefs.properties
server/conf/prefs/system/extensions/versions: prefs.properties
server/conf/prefs/system: prefs.properties
server/conf/repository/keystore: default.keystore.jks
server/conf/repository/PKI: aditoadmin.prv
server/conf/repository/PKI: aditoadmin.pub
server/conf: webserver.properties
server/conf: wrapper.conf
server/db: explorer_configuration.backup
server/db: explorer_configuration.data
server/db: explorer_configuration.log
server/db: explorer_configuration.properties
server/db: explorer_configuration.script
server/db: upgrade.log
server/db: versions.log
server/lib: tools.jar
server/logs: 2009_06_15.request.log
server/logs: adito.log
server/logs: wrapper.log
server/tmp: availableCipherSuites.txt
server/tmp: extensions (this is a directory of files)
server/tmp: org  (this is a directory of files)

• I then made a patch with the different files and started a clean VM. I followed the steps below to do the install without Apache Ant, but still using root access:

yum -y install java-1.6.0-openjdk-devel
cd /var/hda/web-apps/
mkdir myadito
cd myadito
wget http://superb-west.dl.sourceforge.net/sourceforge/adito/adito-0.9.1-bin.tar.gz 
tar -xf adito-0.9.1-bin.tar.gz
rm -f adito-0.9.1-bin.tar.gz
mv adito-0.9.1/ server/
cd server
wget adito-0.9.1-patch.zip (this is an archive of changed files between source and install)
wget adito-0.9.1-patch.zip
unzip adito-0.9.1-patch.zip
rm -f adito-0.9.1-patch.zip
chmod a+x /var/hda/web-apps/myadito/server/install/platforms/linux/adito
chmod a+x /var/hda/web-apps/myadito/server/install/platforms/linux/x86/wrapper
chmod a+x /var/hda/web-apps/myadito/server/install/platforms/linux/x86-64/wrapper
export WRAPPER_CONF="/var/hda/web-apps/myadito/server/conf/wrapper.conf"
/var/hda/web-apps/myadito/server/install/platforms/linux/adito start

Once it started, I used FF and went to https://localhost. The service only runs for about 10 sec, then shuts down, so have to be quick. Once I got the 'secure connection failed', I chose 'add exception.' I then did 'get certificate' and the 'confirm exception' button was greyed out. There was no certificate info available and I could not proceed. By this time, the service had also shut down.

I do not know why it shuts down, but it could be related to the certificate problem. There is guidance on the Adito wiki (http://adito.wiki.sourceforge.net/ssl_certificate_management) which provides some direction on manually creating a certificate.